Join top executives in San Francisco on July 11-12, to hear how leaders are integrating and optimizing AI investments for success. Learn More

Immuta, which provides a cloud-native data governance platform to help organizations automate data access control, security, privacy, and compliance, today announced it has raised $90 million in series D funding. Immuta says it will use the investment — which brings the startup’s total raised to date to $169 million — to expand the size of its workforce, acquire new customers, and further develop its products.

About 64% of respondents to a global Thales report feel adhering to compliance requirements is a “very” or “extremely”  effective way of keeping data secure. But compliance is expensive. In a 2017 PricewaterhouseCoopers survey of execs at U.S., U.K., and Japanese tech companies, 88% said their company planned to spend over $1 million preparing for the EU’s General Data Protection Regulation (GDPR) in the run-up to its full May 2018 implementation. A smaller percentage of respondents — 40% — said they expected to spend $10 million or more.

Since its founding in 2015, Immuta, which offers a dashboard to automate cloud access control, claims to have built strategic partnerships with leading cloud data technology providers. The company’s bookings grew by more than 115% this year as it doubled its headcount and grew its customer base, which now includes Aon, Credit Suisse, Daimler, Flatiron, IAG, S&P Global, the U.S. Army, and other brands in financial services, insurance, health care, and consumer technology.



Transform 2023

Join us in San Francisco on July 11-12, where top executives will share how they have integrated and optimized AI investments for success and avoided common pitfalls.


Register Now

“Immuta founders Matthew Carroll and Steven Touw spent over a decade working with the U.S. intelligence community, tackling some of the most complex and sensitive data governance problems. They started Immuta to help organizations across a range of industries harness the value of their data,” a spokesperson told VentureBeat via email. “Immuta integrates with its customers’ data platforms of choice, [including] Databricks, Snowflake, BigQuery, and more. Any user accessing those platforms where Immuta is integrated … gets the benefit of using Immuta to control data access.”

Immuta, which supports datacenter, on-premises, and hybrid cloud architectures, aims to automate the discovery, classification, and tagging of sensitive information. The platform delivers self-service access to analytics and enables access control management while ensuring compliance with federal, industry, employment, and contractual regulations, minimizing the need for copying, moving, or manually anonymizing data.

Immuta can also audit data usage and gather insights with reports in a unified enforcement layer. Users can see what data was accessed, when, by whom, and for what purpose.

“As every organization migrates their data to the cloud, it’s not all going to one place. Companies are choosing between data lakes and warehouses, and they need to build data products to share and exchange data for an increasing number of users. The problem is that as these environments get more complex, there are too many contractual and regulatory service-level agreements around data access and usage,” cofounder and CEO Matthew Carroll told VentureBeat in an email interview. “Immuta solves this problem by simplifying and automating cloud data access and sharing. With this new funding, we will expand our product vision to integrate into all cloud infrastructure and in every data cloud to provide a single, seamless control plane for lakehouse architectures, which [are] emerging as the standard architecture for modern data stacks.”

Exploding market

It’s safe to say compliance management is a red-hot sector. Last year, San Francisco-based TrustArc raised a $70 million round of funding to help companies implement privacy and compliance programs, Privitar nabbed $40 million to better enable businesses to engineer privacy protection into their data projects, and OneTrust secured $300 million to help enterprises comply with international data residency regulations. Back in 2018, BigID nabbed $30 million to expand its data privacy management platform. And at the end of 2019, LogicGate, which provides a platform that automates processes and compliance tracking, raised $24.75 million to invest in content, frameworks, data partnerships, and integration.

“Cloud data access control is the primary use case. As organizations migrate and mature on the cloud, they need a way to manage and govern access to their data. They need a scalable way to manage and make data available for analytics,” the spokesperson said. “The pandemic greatly accelerated cloud migration, so as cloud-native data platforms have grown in popularity this past year, Immuta has grown similarly.”

Greenspring Associates, March Capital, NGP Capital, and Wipro Ventures participated in Immuta’s series D round, alongside existing investors TenEleven Ventures, Intel Capital, DFJ Growth, Dell Technologies Capital, Citi Ventures, and Okta Ventures. This follows the Boston-based company’s $40 million series C in June 2020 and $20 million series B in 2018.

VentureBeat's mission is to be a digital town square for technical decision-makers to gain knowledge about transformative enterprise technology and transact. Discover our Briefings.